New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Encryption SDK throws AwsCryptoException #68
Comments
We are taking a look at this. We'll have an update before Aug 28th. |
This avoids issues where a shaded version of BCProvider is installed in the system JCE provider list, which can result in problems when we pass an ECNamedCurveParameterSpec from a different shaded version of BC. Fixes: aws#68
This avoids issues where a shaded version of BCProvider is installed in the system JCE provider list, which can result in problems when we pass an ECNamedCurveParameterSpec from a different shaded version of BC. Fixes: aws#68
This issue can occur if you have multiple versions of BouncyCastle in your classpath (e.g., if one version is shaded), and the one that is installed as the JVM-wide "BC" provider isn't the same one that is being used for the encryption SDK. Can you please try this branch and see if it fixes your issue? https://github.com/bdonlan/aws-encryption-sdk-java/tree/bc_prov |
Note that this can also happen if you have BC loaded via multiple classloaders as well, this might be closer to what you're seeing. |
I have the SAME issue ask reported. Exception thrown:
Two Java apps has with same Bouncy Castle libraries deployed on Tomcat 9.0.13 on JDK 1.8.0_171.
With the fix bdonlan provided bdonlan@d57a75f, rebuild aws-encryption-sdk-java from master branch, and rerun the test, test passed, issue fixed. When are you going to make this fix in aws-encryption-sdk-java next release? Thanks |
* Use the BouncyCastleProvider class directly This avoids issues where a shaded version of BCProvider is installed in the system JCE provider list, which can result in problems when we pass an ECNamedCurveParameterSpec from a different shaded version of BC. Fixes: #68 * Add BouncyCastleConfiguration class for handling BC init This moves the BouncyCastleProvider creation from CryptoAlgorithm to BouncyCastleConfiguration, which also contains a static field for classes that must use a pegged version of BouncyCastle. A newInstance reference is included from CryptoAlgorithm to BouncyCastleConfiguration to force initialization, since it depends on BouncyCastle being on the SecurityProvider chain. * Add comments, and use static method to force class loading This adds documentation for the purpose of the BouncyCastleConfiguration class, and uses a static method call to force the BouncyCastleConfiguration class to be loaded.
I am trying to integrate Encryption SDK with Apache NiFi.
NiFi already includes following versions of bouncy castle dependencies:-
But it throws below exception:-
Any leads where things could be wrong?
The text was updated successfully, but these errors were encountered: